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A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 .136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 
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- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1 )^ Responsive to communication(s) filed on 27 Auoustt 2004 . 
2a)^ This action is FINAL. 2b)D This action is non-final. 

3) n Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quay/e, 1935 CD. 1 1 , 453 O.G. 213. 

Disposition of Claims 

4) ^ Claim(s) 28-45 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) Q Claim(s) is/are allowed. 

6) S Claim(s) 28-45 is/are rejected. 

7) Q Claim(s) is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) D The specification is objected to by the Examiner. 

10) D The drawing(s) filed on is/are: a)D accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1 .121 (d). 

1 1) D The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 

Priority under 35 U.S.C. § 119 
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1 .□ Certified copies of the priority documents have been received. 

2. D Certified copies of the priority documents have been received in Application No. . 

3. Q Copies of the certified copies of the priority documents have been received in this National Stage 

application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 
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Detailed Action 

1. This action is responsive to communication: amendment filed on 

27 August 2004, the original application was filed on 7 December 2000. 

2. Due to amendment claims 28-47 are currently pending in this application. Claims 

28 and 40 are independent claims. 

Claim Objections 

3. The numbering of claims is not in accordance with 37 CFR 1 . 1 26 which requires 
the original numbering of the claims to be preserved throughout the prosecution. When 
claims are canceled, the remaining claims must not be renumbered. When new claims 
are presented, they must be numbered consecutively beginning with the number next 
following the highest numbered claims previously presented (whether entered or not). 

Misnumbered claims 42-45 been renumbered 44-47. The claim presented as 
"42. (New.) The system of claim 40, wherein the user identifying information 
comprises a user name and password" should be renumbered "44" since it is following 
new claim numbered "43". The renumbering should take effect for claims indicated 
above. Also the claim numbers referenced within the claims needs to be updated 
appropriately. 

Response to Arguments 

4. Applicant's arguments with respect to claims 1-27 have been considered but are 
not persuasive. 

In response to argument starting on page 16 "The present invention is not 
concerned with the computational issues associated with user identifying data is 
held". The office does not agree with the argument. The previously presented claims 
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did not stress the importance of the LDAP or non-LDAP structure. Therefore the cited 
text applicant shown is proof enough that it is well known in the art to convert the 
protocol used for authentication request. This is also shown in the office action below 
which includes U.S. Patent No. 6,539,482 Blanco et al. (hereinafter '482) to explain how 
protocols are translated see c 482 col. 2, lines 62-67. 

In response to argument starting on page 17 "The examiner found in examining 
claim 4 (now canceled) that Xu '362 teaches ...The cited disclosure does not teach 
determining where to direct an access request based on the home region identifying 
information". The office disagrees Xu '362 col. 7, lines 40-67 shows how the 
referenced invention works with "home agents and foreign agents and how the home 
registrations agents, and work with other entities that own or manage the foreign agents". 
The office did not put weight on the LP AD protocol as previously stated above. 

In response to argument on page 18, "Additional, claim 28 describes a 
conditional authentication step not disclosed in Xu '362". The office does not 
recognize this as a valid argument since "a conditional authentication step" was not in 
presented in any of claims. Xu '362 teaches an authentication step in col. 4, line 44 
through col. 5, line 25. 

5. The applicant amended the claims by canceling claims 1-27 and adding claims 
28-45; the applicant modified the independent claim by: moving the preamble into the 
body of the claim, incorporating previously dependent claim 4 into the independent 
claim, as well as some word changes; therefore the previous rejection is not applicable 
the following rejection applies. 
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Claim Rejections - 35 USC §103 

6. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described 
as set forth in section 102 of this title, if the differences between the subject matter sought to 
be patented and the prior art are such that the subject matter as a whole would have been 
obvious at the time the invention was made to a person having ordinary skill in the art to which 
said subject matter pertains. Patentability shall not be negatived by the manner in which the 
invention was made. 

7. Claims 28-32, 40, 41, and 42 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Xu et al. U.S. Patent No. 6,738,362 (hereinafter '362) in further view 
of Blanco et al, U.S. Patent No. 6,539,482 (hereinafter '482). 

As to independent claim 28, "A method for dial roaming outside of a home 
service region comprising: dialing into a local dial access provider; creating an 
access request comprising user identifying information and home region identifying 
information; forwarding the access request to a corporate remote authentication 
dial-in user service (RADIUS) server" is taught in '362 col. 4, lines 14-25 "In another 
aspect of the invention, a mobile Internet Protocol service provider system provides 
access to a network for a mobile node and enables the mobile node to communicate with 
a host on the network"; 

"proxying the access request to a regional RADIUS server associated with 
the user's home region; comparing the user identifying information in the access 
request with user identifying information stored in a regional user database 
accessible to the regional RADIUS server; and if the user identifying information in 
the access request matches the stored user identifying information, then: 
authenticating the user; and providing configuration information to the user to 
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allow access to a network of the home region" is shown in '362 col. 4, line 55 through 
col. 5, line 25 "In yet another aspect, a method is provided for authenticating a mobile 
node for network access. In accordance with the method, a registration request message 
is generated and sent from a foreign agent to a home registration agent. The registration 
request message contains information used to determine whether said mobile node is 
authorized to access a network, such as the mobile device's unique International Mobile 
Subscriber Identity (IMSI) number and/or its Electronic Serial Number (ESN). The 
home registration agent then determines from the information in the registration request 
message whether the mobile node is permitted to access the network. This step may be 
performed with the assistance of a authorization, authentication and accounting server, 
e.g., a RADIUS server. The home registration agent then generates a registration reply 
message and sends the registration; reply message from the home registration agent to the 
foreign agent"; 

the following is not disclosed in '362: "determining from the home region identifying 
information whether the home region supports Lightweight Directory Access 
Protocol (LDAP) authentication; if the home region does not offer LDAP 
authentication, then" however '482 teaches in col. 4, lines 45-53 "According to the 
RADIUS protocol, like for other high-level protocols such as TACACS and LDAP, 
information is exchanged in the form of attributes. Each attribute has a unique attribute 
identifier and an attribute value". 

It would have been obvious to one of ordinary skill in the art at the time of the 
invention to modify a mobile Internet Protocol service provider taught in '362 to include 
a means to recognize the protocol used of the home service provider. One of ordinary 
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skill in the art would have been motivated to perform such a modification to increase the 
ability to provide wireless Internet coverage see '482 (col. 4, lines 1 et seq.) "Making 
any authentication procedure use the directory service is however not straightforward . . . 
they are not compatible with the protocols used for user authentication on the network, 
such as RADIUS and TACAS". 

As to dependent claim 29 "wherein the access request is forwarded to an 
access provider via a network access server (NAS)" is disclosed in '362 col. 3, lines 
41-48 "such as a general purpose computer or network access server on the visited 
network". 

As to dependent claim 30, "wherein the NAS functions as a client of the 
corporate RADIUS server" is taught in '362 col. 7, lines 39-60 "The wireless 
communication service provider may furnish all the basic elements for providing mobile 
DP services, ... Or, the entity may simpley provide home tunneling and home registration 
agents, and work with other entities that own or manage the foreign agents . . . Another 
example would be an AAA or RADIUS server" 

As to dependent claim 31, "further comprising: if the home region offers 
LDAP authentication, then forwarding the access request to a regional LDAP 
database" is disclosed in '482 col. 3, lines 56-57 "The directory is accessible through a 
network client using the appropriate protocol (an LDAP client 12 in FIG. 1)". 

As to dependent claim 32, "further comprising comparing the user 
identifying information in the access request with user identifying information 
stored in a regional user- database accessible to the regional LDAP database" is 
shown in '482 col. 3, lines 58-62 "goal of the invention is to make any authentication 
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procedure on the network use the authentication data stored in the directory. In this 
manner, since the same authentication data is accessible to all the authentication 
procedures, this authentication data in principle only needs to contain one user identifier 
and one password". 

As to independent claim 40, this claim is directed to the system of method claim 
28 and is rejected along similar rationale. 

As to dependent claim 41, this claim contains substantially similar subject matter 
as dependent claims 29 and 30; therefore it is rejected along the same rationale. 

As to dependent claim 42, this claim contains substantially similar subject matter 
as dependent claim 31; therefore it is rejected along the same rationale. 
8. Claims 33-37, and 43 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over '362, in further view of '482 in further view of Liu et al., U.S. Patent No. 5,898,780 
(hereinafter '780). 

As to dependent claim 33, the following is not taught in the combination of 
teachings of '362 and '482: "further comprising the regional LDAP database sending 
an "accept" message if the user is in the regional LDAP database and a "deny" 
message if the user is not in the regional LDAP database" however '780 teaches 
"transmits a message to the server 132 either stating that the user 144 should be granted 
or denied internet access" in col. 4, lines 50-65 

It would have been obvious to one of ordinary skill in the art at the time of the 
invention to modify a mobile Internet Protocol service provider that uses LDAP data 
structure taught in '362 and '482 to include a means to recognize the home service 
provider. One of ordinary skill in the art would have been motivated to perform such a 
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modification to increase the ability to provide wireless Internet coverage see '780 (col. 1, 
lines 9 et seq.) "The apparatus of the present invention comprises a server or servers that 
can recognize the domain name of the home ISP". 

As to dependent claim 34, "wherein the user identifying information 
comprises a user name and password" is disclosed in '780 col. 4, lines 50-61 "Block 
162 indicates that the server 136 includes software attempts to match the "roaming" login 
information in an entry in a lob table in the server 136". 

As to dependent claim 35, "wherein the home region identifying information 
comprises a component of the user name" is taught in '780 col. 1, lines 25-27 "the user 
logs on to the local network of the foreign internet service provider using an identifier 
that includes the user's identification term, an identification term for the server of the 
home ISP". 

As to dependent claim 36, "wherein the user name comprises an email 
address of the user" is shown in '780 col. 1, lines 31-33 "For example, the user might 
log o to the local network of the local ISP by using a standard e-mail address such as 
jdoe@aimnet.com. Followed by the user's secret password". 

As to dependent claim 37, "wherein comparing the user identifying 
information in the access request with user identifying information stored in a 
regional user database accessible to the regional RADIUS server comprises 
comparing the user password in the access request with a user password stored in a 
regional user database accessible to the regional RADIUS server" is disclosed in '780 
col. 4, lines 50-61 "Block 162 indicates that the server 136 includes software attempts to 
match the "roaming" login information in an entry in a lob table in the server 136". 
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As to dependent claims 43 and 44, these claims contain substantially similar 
subject matter as dependent claims 33 and 34; therefore they arerejected along the same 
rationale. 

9. Claims 38, 39, 45, 46, and 47 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over '362 in further view of '482, in further view of '780 and in further 
view of Xu et al., U.S. Patent No. 6,151,628 (hereinafter '628). 

As to dependent claim 38, the following is not taught in the combination '362, 
482, and '780: "wherein the user password comprises a first hashed value and 
wherein comparing the user password in the access request with a user password 
stored in a regional user database accessible to the regional RADIUS server 
comprises: determining at the regional RADIUS server a hashing algorithm used to 
create the first hashed value; obtaining the stored password in clear text format; 
applying the hashing algorithm to the clear text stored password to produce a 
second hashed value; and comparing the first hashed value to the second hash 
value" however '628 teaches "In a preferred network access embodiment of the 
invention, a second phase authentication routine is employed to verify that the remote 
user is authorized to access the designated network. This is accomplished by conducting 
a password authentication procedure such PAP or CHAP routine both of which are 
known in the art" in col. 9, lines 48-57. 

It would have been obvious to one of ordinary skill in the art at the time of the 
invention to modify a mobile Internet Protocol service provider which uses a LDAP data 
structure with ability to recognize ISP provider taught in the combination of '362, '482, 
and '780 to include a means provide additional security. One of ordinary skill in the art 
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would have been motivated to perform such a modification to increase the ability of 
Internet service providers to serve many users see '628 (col. 2, lines 1 et seq.) "The 
present invention also provides for network access methods by which a network access 
server, in combination with one or more authentication servers, can provide Internet and 
corporate network authentication and access 

As to dependent claim 39, "wherein the hashing algorithm is CHAP" is taught 
in '628 col. 9, lines 48-57. 

As to dependent claim 45, 46, and 47, these claims contain substantially similar 
subject matter as dependent claims 38 and 39; therefore they are rejected along the same 
rationale. 

Conclusion 

THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1.136(a). A shortened statutory period for reply to this final 
action is set to expire THREE MONTHS from the mailing date of this action. In the 
event a first reply is filed within TWO MONTHS of the mailing date of this final action 
and the advisory action is not mailed until after the end of the THREE-MONTH 
shortened statutory period, then the shortened statutory period will expire on the date the 
advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be 
calculated from the mailing date of the advisory action. In no event, however, will the 
statutory period for reply expire later than SIX MONTHS from the mailing date of this 
final action. 
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10. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Ellen C Tran whose telephone number is 
(571) 272-3842. The examiner can normally be reached from 6:30 am to 3:30 pm. 
If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gregory A Morse can be reached on (571) 272-3838. The fax phone number 
for the organization where this application or proceeding is assigned is 703-872-9306. 
Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published 
applications may be obtained from either Private PAIR or Public PAIR. Status 
information for unpublished applications is available through Private PAIR only. For 
more information about the PAIR system, see http://pair-direct.uspto.gov. Should you 
have questions on access to the Private PAIR system, contact the Electronic Business 
Center (EBC) at 866-217-9197 (toll-free). 



Ellen Tran 
Patent Examiner 
Technology Center 2134 
21 December 2004 
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